[strongSwan] About the example host2host-cert!
Andreas Steffen
andreas.steffen at strongswan.org
Tue Jan 11 04:16:00 CET 2011
Hello Vincent,
it seems that the other end is not reachable on IKE UDP port 500. If you
didn't start iptables then this port shouldn't be blocked. I rather
suspect that the IKE daemon on the other end is either not running
or not configured for the same IKE version (IKEv1 versus IKEv2).
Regards
Andreas
On 11.01.2011 02:49, wenrongbupt wrote:
> Hi all,
>
> I configure the ipsec.conf according this url:http://www.strongswan.org
> /uml/testresults/ikev2/host2host-cert/.
> But everytime I run ipsec up host-host,the output is the packet
> retransmit five times,then said establishing IKE_SA failed,peer not
> response.
>
> I guess that the reason is I didn't configure iptables and didn't run
> /etc/init.d/iptables.I hadn't found the iptables in the dir /etc/init.d.
> I use ubuntu 9.04.
>
> I want to know how to configure iptables(the result same as
> http://www.strongswan.org/uml/testresults/ikev2/host2host-cert/moon.iptables
> ) and the purpose of /etc/init.d/iptables?
>
> Thank you very much for your reply.
>
> Best Regards
> vincent
>
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list